Summary

Backdoor:Win32/Qakbot.gen!C is a trojan backdoor that connects to a remote server, allowing an attacker to access your computer. It can steal confidential information, such as your online banking details and email user names and passwords.

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

This threat tries to steal sensitive and confidential information from affected users to perpetrate fraud. If you believe that your personal financial information may have been compromised, please refer to the following advisory for additional advice:

It may also steal your information by recording your user names and passwords. After removal of the threat you should change your passwords. Please refer to the following advisory for tips on how to create and use passwords:

Get more help

Threat behavior

Installation

Backdoor:Win32/Qakbot.gen!C usually has a random file name. It runs automatically every time Windows starts by adding a Run entry in the system registry and by creating a service. The service has the following details: